package cn.chiship.framework.common.util;

import cn.chiship.sdk.cache.vo.CacheRoleVo;
import cn.chiship.sdk.cache.vo.CacheUserVO;
import cn.chiship.sdk.core.annotation.RequiredPermissions;
import cn.chiship.sdk.core.annotation.RequiredRoles;
import cn.chiship.sdk.core.enums.PermissionsEnum;
import cn.chiship.sdk.core.exception.custom.BusinessException;
import cn.chiship.sdk.core.exception.custom.PermissionsException;
import com.alibaba.fastjson.JSON;
import cn.chiship.sdk.cache.service.UserCacheService;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/**
 * @author lijian 权限校验
 */
public class UserPermissionsUtil {

	private UserPermissionsUtil() {
	}

	public static boolean checkOption(Method method, UserCacheService userCacheService, HttpServletRequest request) {
		if (method.getAnnotation(RequiredPermissions.class) != null
				|| method.getAnnotation(RequiredRoles.class) != null) {
			if (userCacheService == null) {
				throw new BusinessException("无法获得【userCacheService】");
			}
			CacheUserVO userVO = userCacheService.getUser();
			if (userVO == null) {
				throw new BusinessException("Token失效?");
			}
			/**
			 * 获得权限
			 */
			List<String> perms = userVO.getPerms();
			if (method.getAnnotation(RequiredPermissions.class) != null) {
				RequiredPermissions requiredPermissions = method.getAnnotation(RequiredPermissions.class);
				String[] permsValue = requiredPermissions.value();
				if (permsValue.length == 0) {
					throw new PermissionsException("请配置所需要权限!");
				}
				if (requiredPermissions.logical().equals(PermissionsEnum.AND)) {
					if (!perms.containsAll(Arrays.asList(permsValue))) {
						throw new PermissionsException("接口【" + request.getRequestURI() + "】必须"
								+ JSON.toJSONString(requiredPermissions.value()) + "拥有权限!");
					}
				}
				else {
					Integer count = 0;
					for (String permValue : permsValue) {
						if (perms.contains(permValue)) {
							count++;
						}
					}
					if (count == 0) {
						throw new PermissionsException("接口【" + request.getRequestURI() + "】至少"
								+ JSON.toJSONString(requiredPermissions.value()) + "拥有其中一种权限!");
					}
				}
			}
			/**
			 * 获得角色
			 */
			List<String> roles = new ArrayList<>();
			for (CacheRoleVo roleVo : userVO.getCacheRoleVos()) {
				roles.add(roleVo.getRoleCode());
			}
			if (method.getAnnotation(RequiredRoles.class) != null) {
				RequiredRoles requiredRoles = method.getAnnotation(RequiredRoles.class);
				String[] rolesValue = requiredRoles.value();
				if (rolesValue.length == 0) {
					throw new PermissionsException("请配置所需要角色!");
				}
				if (requiredRoles.logical().equals(PermissionsEnum.AND)) {
					if (!roles.containsAll(Arrays.asList(requiredRoles))) {
						throw new PermissionsException("接口【" + request.getRequestURI() + "】必须"
								+ JSON.toJSONString(requiredRoles.value()) + "拥有角色!");
					}
				}
				else {
					Integer count = 0;
					for (String roleValue : rolesValue) {
						if (roles.contains(roleValue)) {
							count++;
						}
					}
					if (count == 0) {
						throw new PermissionsException("接口【" + request.getRequestURI() + "】至少"
								+ JSON.toJSONString(requiredRoles.value()) + "拥有其中一种角色!");
					}
				}
			}

		}
		return true;
	}

}
